Skip to content
Snippets Groups Projects
Commit 921ba557 authored by Andreas Gohr's avatar Andreas Gohr
Browse files

Merge pull request #97 from timroes/master 

Remote interface improvements
parents c67addf8 d41322ba
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
inc/RemoteAPICore.php
+ 18
10
View file @ 921ba557
......@@ -169,7 +169,7 @@ class RemoteAPICore {
* @return page text.
*/
function rawPage($id,$rev=''){
$id = cleanID($id);
$id = $this->resolvePageId($id);
if(auth_quickaclcheck($id) < AUTH_READ){
throw new RemoteAccessDeniedException('You are not allowed to read this file', 111);
}
......@@ -228,7 +228,7 @@ class RemoteAPICore {
* Return a wiki page rendered to html
*/
function htmlPage($id,$rev=''){
$id = cleanID($id);
$id = $this->resolvePageId($id);
if(auth_quickaclcheck($id) < AUTH_READ){
throw new RemoteAccessDeniedException('You are not allowed to read this page', 111);
}
......@@ -356,14 +356,14 @@ class RemoteAPICore {
* Return a list of backlinks
*/
function listBackLinks($id){
return ft_backlinks(cleanID($id));
return ft_backlinks($this->resolvePageId($id));
}
/**
* Return some basic data about a page
*/
function pageInfo($id,$rev=''){
$id = cleanID($id);
$id = $this->resolvePageId($id);
if(auth_quickaclcheck($id) < AUTH_READ){
throw new RemoteAccessDeniedException('You are not allowed to read this page', 111);
}
......@@ -394,7 +394,7 @@ class RemoteAPICore {
global $TEXT;
global $lang;
$id = cleanID($id);
$id = $this->resolvePageId($id);
$TEXT = cleanText($text);
$sum = $params['sum'];
$minor = $params['minor'];
......@@ -507,7 +507,7 @@ class RemoteAPICore {
* Returns the permissions of a given wiki page
*/
function aclCheck($id) {
$id = cleanID($id);
$id = $this->resolvePageId($id);
return auth_quickaclcheck($id);
}
......@@ -517,7 +517,7 @@ class RemoteAPICore {
* @author Michael Klier <chi@chimeric.de>
*/
function listLinks($id) {
$id = cleanID($id);
$id = $this->resolvePageId($id);
if(auth_quickaclcheck($id) < AUTH_READ){
throw new RemoteAccessDeniedException('You are not allowed to read this page', 111);
}
......@@ -633,7 +633,7 @@ class RemoteAPICore {
* @author Michael Klier <chi@chimeric.de>
*/
function pageVersions($id, $first) {
$id = cleanID($id);
$id = $this->resolvePageId($id);
if(auth_quickaclcheck($id) < AUTH_READ) {
throw new RemoteAccessDeniedException('You are not allowed to read this page', 111);
}
......@@ -711,7 +711,7 @@ class RemoteAPICore {
$unlockfail = array();
foreach((array) $set['lock'] as $id){
$id = cleanID($id);
$id = $this->resolvePageId($id);
if(auth_quickaclcheck($id) < AUTH_EDIT || checklock($id)){
$lockfail[] = $id;
}else{
......@@ -721,7 +721,7 @@ class RemoteAPICore {
}
foreach((array) $set['unlock'] as $id){
$id = cleanID($id);
$id = $this->resolvePageId($id);
if(auth_quickaclcheck($id) < AUTH_EDIT || !unlock($id)){
$unlockfail[] = $id;
}else{
......@@ -764,6 +764,14 @@ class RemoteAPICore {
return $ok;
}
private function resolvePageId($id) {
$id = cleanID($id);
if(empty($id)) {
global $conf;
$id = cleanID($conf['start']);
}
return $id;
}
}
lib/exe/xmlrpc.php
+ 2
1
View file @ 921ba557
......@@ -30,10 +30,11 @@ class dokuwiki_xmlrpc_server extends IXR_Server {
} catch (RemoteAccessDeniedException $e) {
if (!isset($_SERVER['REMOTE_USER'])) {
header('HTTP/1.1 401 Unauthorized');
return new IXR_Error(-32603, "server error. not authorized to call method $methodname");
} else {
header('HTTP/1.1 403 Forbidden');
return new IXR_Error(-32604, "server error. forbidden to call the method $methodname");
}
return new IXR_Error(-32603, "server error. not authorized to call method $methodname");
} catch (RemoteException $e) {
return new IXR_Error($e->getCode(), $e->getMessage());
}
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment